Posted by: David Harley | November 19, 2017

Android crackdown on misuse of accessibility services

ZDnet: Android security: Google cracks down on apps that want to use accessibility services

Danny Palmer: “Measure would prevent feature designed for aiding disabled users from being abused by malicious apps — but could force changes for popular apps, too.”

David Harley

Posted by: David Harley | November 19, 2017

Android’s out-of-date devices

For ZDnet, Liam Tung describes Android’s big problem: Over a billion devices are more than two years out of date. (I do hate pages that enforce videos…)

It’s based on rather an interesting article, though, by Dan Luu: How out of date are android devices?

David Harley

Posted by: David Harley | November 6, 2017

Android: fake WhatsApp app

Pierluigi Paganini: Fake WhatsApp app in official Google Play Store downloaded by over a million Android users.

“The Reddit user DexterGenius has decompiled the fake WhatsApp version and discovered it is an ad-loaded wrapper which included the code to download a second apk.”

David Harley

Posted by: David Harley | November 3, 2017

Apple Updates

Zeljka Zorz for Help Net Security summarizes: Apple protects its Wi-Fi enabled devices from KRACK attack.

Also, updates addressing vulnerabilities in Webkit, Safari, iOS, 3rd party packages in macOS, APFS…

David Harley

Posted by: David Harley | October 26, 2017

AV-Test look at anti-malware for Android

The Register comments on the recent AV-Test look at anti-malware programs for Android. Good performance almost all round, with Google’s own Play Protect trailing the pack by some way.

The Register: “Google Play Protect is ‘dead last’ at detecting malware on Android – Don’t expect ads giant to stop all software nasties for you – it certainly can’t”

AV-Test: “The best antivirus software for Android – AV-TEST Product Review Report – Sep/2017

David Harley

Posted by: David Harley | October 23, 2017

Comments on this blog…

…are moderated. You’ll need to try a bit harder than that to get your totally irrelevant site linked to from here.

You know who you are. Assuming you actually take the time to read this…

David Harley

Posted by: David Harley | October 20, 2017

Symantec: Sockbot malware on Google Play

Softpedia: Sockbot Malware Found in Eight Android Apps Published on Google Play

“Apps infected with malware have once again made it to the Google Play store, and security company Symantec warns that they’ve been installed on at least 600,000 devices.”

Symantec: Android malware on Google Play adds devices to botnet – Symantec has found eight apps infected with the Sockbot malware on Google Play that can add compromised devices to a botnet and potentially perform DDoS attacks.

David Harley

Posted by: David Harley | October 20, 2017

OSX/Proton and Elmedia Player

Good research from ESET Canada: OSX/Proton spreading again through supply-chain attack

“ESET researchers noticed that Eltima, the makers of the Elmedia Player software, have been distributing a version of their application trojanized with the OSX/Proton malware on their official website. ESET contacted Eltima as soon as the situation was confirmed. Eltima was very responsive and maintained an excellent communication with us throughout the incident.”

David Harley

Posted by: David Harley | October 16, 2017

DoubleLocker: interview with Lukáš Štefanko

More about DoubleLocker from ESET: DoubleLocker Android ransomware explained

David Harley

Posted by: David Harley | October 16, 2017

Apple ID password prompt bug report

Thomas Claburn for The Register: Apple’s iOS password prompts prime punters for phishing: Too easy now for apps to swipe secrets, dev warns – Fake login request boxes spark formal bug report

Bug report on Open Radar: Apple ID password prompts can easily be replicated, phishing attacks easily possible

David Harley


Older Posts »